I also have that problem :-[
When the default gw is down I can't even access the webinterface remotely although I enabled that port on all wan interfaces.
Is there something needed to elect a new default gw when the first is down?

Not sure I understand this? If there is no system default route set or switch on WAN change what happens to traffic originating from the router? Or from sources that don't use gateway groups?

Second thing I notice was I think a potential conflict between a GATEWAY firewall rule and traffic to vpns. I'll do a separate post on this.

@ermal:

Please show your config because something might be wrong on you plolicy route.

It's pretty basic. I also noted that the defaults latency limits (not sure exactly what they are) seemed to be too low, as I was getting high latency warnings. One of my dsl connections uses interleaving so it can sit around 40ms.

I'm using this now at home. I'll try some unplug connection tests later when it's less distributive.

Overall I like the direction it's going. Some of the network UI/logic is probably a bit rogue and not 100% intuitive. But it seems usable now.

I also have that problem :-[
When the default gw is down I can't even access the webinterface remotely although I enabled that port on all wan interfaces.
Is there something needed to elect a new default gw when the first is down?
[/quote]

I did note that it seemed to take some time for a down interface to be detected. Not sure how to change the timeout.

I also have that problem :-[
When the default gw is down I can't even access the webinterface remotely although I enabled that port on all wan interfaces.
Is there something needed to elect a new default gw when the first is down?
[/quote]

I did note that it seemed to take some time for a down interface to be detected. Not sure how to change the timeout.

Something very strange I'd like to add is that when I mess around with the default gateway's Monitor IP, I get a timeout as soon as I click save. From that time on I can't access the webinterface remotely anymore.
I then have to login from the lan side, navigate to routes and hit apply. Then everything works again immediately from the remote side..

Even more strange is that it's not even needed to change ANYTHING.. just open default gw's settings, click save.
As soon as I do that I can't access the firewall over any external ip/interface anymore.
After 5 minutes of waiting it didn't resolve..
had to access it via lan interface and hit apply..

Something very strange I'd like to add is that when I mess around with the default gateway's Monitor IP, I get a timeout as soon as I click save. From that time on I can't access the webinterface remotely anymore.
I then have to login from the lan side, navigate to routes and hit apply. Then everything works again immediately from the remote side..

Even more strange is that it's not even needed to change ANYTHING.. just open default gw's settings, click save.
As soon as I do that I can't access the firewall over any external ip/interface anymore.
After 5 minutes of waiting it didn't resolve..
had to access it via lan interface and hit apply..

Can you check the route table when you do this before and after. See if the system "default" disappears.

No it's not. All WAN rules have routing information in them via pf's reply-to, you don't need any routing. There has been a whole lot of flux in the past couple weeks with interfaces and multi-WAN though, best to give it a few more days until all the fallout has been resolved (though I think the next snapshot should fix the last remaining issue, that remains to be seen).

No it's not. All WAN rules have routing information in them via pf's reply-to, you don't need any routing. There has been a whole lot of flux in the past couple weeks with interfaces and multi-WAN though, best to give it a few more days until all the fallout has been resolved (though I think the next snapshot should fix the last remaining issue, that remains to be seen).

That's what I was planning. Try one of the snapshots next week. See what has changed and see how it works in my environment.